Bugzilla – Bug 889429
VUL-0: CVE-2014-3560: samba: Samba4 unstrcpy macro length is invalid
Last modified: 2014-09-01 09:57:59 UTC
embargoed via https://bugzilla.samba.org/show_bug.cgi?id=10735
CRD is 2014-08-01
We have Samba 4.1.9 currently only in openSUSE 13.1 as a released product.
Karolin Seeger drafted the advisory:
== Subject: Remote code execution in nmbd
== CVE ID#: CVE-2014-3560
== Versions: Samba 4.0.0 to 4.1.9
== Summary: Samba 4.0.0 to 4.1.9 are affected by a
== remote code execution attack on
== unauthenticated nmbd NetBIOS name services.
All current versions of Samba 4.x.x are vulnerable to a remote code
execution vulnerability in the nmbd NetBIOS name services daemon.
A malicious browser can send packets that may overwrite the heap of
the target nmbd NetBIOS name services daemon. It may be possible to
use this to generate a remote code execution vulnerability as the
A patch addressing this defect has been posted to
Additionally, Samba 4.1.11 and 4.0.21 have been issued as security
releases to correct the defect. Patches against older Samba versions
are available at http://samba.org/samba/patches/. Samba vendors and
administrators running affected versions are advised to upgrade or
apply the patch as soon as possible.
Do not run nmbd, the NetBIOS name services daemon.
This problem was found and the fix provided by Volker Lendecke, a
Samba Team member working for SerNet <email@example.com>
bugbot adjusting priority
https://build.opensuse.org/request/show/243457 openSUSE 13.1 talloc
https://build.opensuse.org/request/show/243458 openSUSE 13.1 tdb
https://build.opensuse.org/request/show/243459 openSUSE 13.1 tevent
https://build.opensuse.org/request/show/243460 openSUSE 13.1 ldb
https://build.opensuse.org/request/show/243461 openSUSE 13.1 samba
Samba 4.1.11 requires ldb 1.1.17 which requires the version updates of talloc, tdb, and tevent.
openSUSE-SU-2014:1040-1: An update that solves one vulnerability and has 5 fixes is now available.
Category: security (moderate)
Bug References: 865627,884056,889429,889539,890005,890008
CVE References: CVE-2014-3560
openSUSE 13.1 (src): ldb-1.1.17-3.4.1, samba-4.1.11-3.26.1, talloc-2.1.1-7.4.1, tdb-1.3.0-4.4.1, tevent-0.9.21-4.4.1